---
title: "Dock for DevOps: deploy-gating workflow with attributed roll-forward decision"
excerpt: "Dock turns deploy-gating into a recorded decision. The agent reads the GitHub Actions pipeline, the Datadog burn rate, and the ArgoCD sync state, drafts a roll-forward recommendation, and a named engineer approves before the promotion is allowed to run."
author: mei
category: Use Cases
date: "2026-05-30"
---

Deploy-gating in 2026 is not a green checkmark. It is a written decision that says which build is going to production, who approved it, and what the agent saw in CI when it asked. Dock is where that decision lives. The agent reads GitHub Actions, Datadog, and ArgoCD on demand, drafts a recommendation, and a named on-call engineer signs off before promotion runs.

GitHub Actions, Datadog, and ArgoCD stay the system of record for the raw data. Dock is the system of record for what the AGENT INTERPRETS. Each Dock row carries a pointer back to the platform record, agent identity, decision, reviewer, and timestamp. The agent re-fetches platform data via fresh API reads when it needs current state.

## The gate table

A single Dock table holds one row per promotion attempt. The agent writes the draft, the engineer flips the decision, and ArgoCD reads the approved row before syncing.

| Build | CI run | Burn rate (1h) | ArgoCD diff | Agent recommendation | Reviewer | Decision |
|---|---|---|---|---|---|---|
| api-svc 4.812.0 | actions/run/9912 green | 0.4x | 3 manifests | Roll forward. No regression signal, burn rate nominal. | sasha@ | Approved 14:02 |
| checkout 2.31.0 | actions/run/9914 green | 2.1x | 1 manifest | Hold. Latency burn rate above 2x for 40m on prior version. Recommend wait for window to recover. | priya@ | Held 14:18 |
| billing-worker 7.04 | actions/run/9921 flaky retest | 0.9x | 5 manifests | Roll forward with canary at 10 percent. Flaky test rerun passed twice, low blast radius. | sasha@ | Approved canary 15:30 |

The agent identity column is not shown above but is stamped on every draft. See [agent identity](/blog/agent-identity) for why that column exists.

## One worked workflow

A merge to main triggers GitHub Actions. The build passes. A webhook posts to Dock and the on-call agent opens a gate row. The agent calls the GitHub API for the run summary, Datadog for the one-hour burn rate, and ArgoCD for the manifest diff. It writes a recommendation in plain English. The on-call engineer reads three lines, checks the linked run, and flips Decision to Approved or Held. ArgoCD polls Dock for the approved row and syncs. A held row stays open with a reason; the next draft reads it first.

The agent never promotes on its own. Promotion is a [dangerous operation](/blog/dangerous-ops-contract) that requires a human signature.

## Why this matters

Most deploy-gating is a Slack thread that scrolls away. The CI badge is green or red, and the reasoning behind a roll-forward is lost when the channel archives. Dock keeps the reasoning, inputs, and signer on one row. When the post-incident review asks why build 4.812.0 went out at 14:02, the answer is there, with links to the GitHub run and Datadog snapshot the agent read at draft time. Same record shape as [agent audit and compliance](/blog/agent-audit-and-compliance) and [Dock for security operations](/blog/dock-for-security-operations).

DORA research treats change failure rate and failed-deployment recovery time as core delivery metrics ([DORA, 2024](https://dora.dev/guides/dora-metrics-four-keys/)). Google SRE error budget policy halts releases other than P0 fixes once a four-week budget is consumed ([Google SRE Workbook](https://sre.google/workbook/error-budget-policy/)). Dock makes both legible at the moment of decision, not in a quarterly dashboard.

This is the [cloud 2.0 shape for engineering](/blog/cloud-2-0-for-engineering): platforms hold execution, Dock holds interpretation, agents draft, humans sign.

See the full pillar at [Dock for DevOps](/blog/dock-for-devops).

## FAQ

**Does Dock replace ArgoCD or GitHub Actions?**
No. They remain the system of record for builds and syncs. Dock holds the interpretation layer and the signed gate decision.

**Can the agent approve a roll-forward on its own?**
No. The agent drafts. A named engineer signs. Promotion without a signed row is not a configured path.

**What does the agent re-read at draft time?**
The GitHub run summary, the Datadog burn rate for the affected SLO, and the ArgoCD manifest diff. It re-fetches on every draft so stale telemetry does not enter the row.

**Does the row hold for a held decision?**
Yes. A held row stays open with the reviewer reason. The next pipeline draft reads the prior hold before recommending again.